This adds a configuration option to the [app] section: open_deletion. When true, users can delete their account on their own. Ref T319pull/204/head
@@ -1156,6 +1156,10 @@ func getTempInfo(app *App, key string, r *http.Request, w http.ResponseWriter) s | |||||
} | } | ||||
func handleUserDelete(app *App, u *User, w http.ResponseWriter, r *http.Request) error { | func handleUserDelete(app *App, u *User, w http.ResponseWriter, r *http.Request) error { | ||||
if !app.cfg.App.OpenDeletion { | |||||
return impart.HTTPError{http.StatusForbidden, "Open account deletion is disabled on this instance."} | |||||
} | |||||
confirmUsername := r.PostFormValue("confirm-username") | confirmUsername := r.PostFormValue("confirm-username") | ||||
if u.Username != confirmUsername { | if u.Username != confirmUsername { | ||||
return impart.HTTPError{http.StatusBadRequest, "Confirmation username must match your username exactly."} | return impart.HTTPError{http.StatusBadRequest, "Confirmation username must match your username exactly."} | ||||
@@ -555,6 +555,7 @@ func handleAdminUpdateConfig(apper Apper, u *User, w http.ResponseWriter, r *htt | |||||
apper.App().cfg.App.SiteDesc = r.FormValue("site_desc") | apper.App().cfg.App.SiteDesc = r.FormValue("site_desc") | ||||
apper.App().cfg.App.Landing = r.FormValue("landing") | apper.App().cfg.App.Landing = r.FormValue("landing") | ||||
apper.App().cfg.App.OpenRegistration = r.FormValue("open_registration") == "on" | apper.App().cfg.App.OpenRegistration = r.FormValue("open_registration") == "on" | ||||
apper.App().cfg.App.OpenDeletion = r.FormValue("open_deletion") == "on" | |||||
mul, err := strconv.Atoi(r.FormValue("min_username_len")) | mul, err := strconv.Atoi(r.FormValue("min_username_len")) | ||||
if err == nil { | if err == nil { | ||||
apper.App().cfg.App.MinUsernameLen = mul | apper.App().cfg.App.MinUsernameLen = mul | ||||
@@ -1,5 +1,5 @@ | |||||
/* | /* | ||||
* Copyright © 2018-2020 A Bunch Tell LLC. | |||||
* Copyright © 2018-2021 A Bunch Tell LLC. | |||||
* | * | ||||
* This file is part of WriteFreely. | * This file is part of WriteFreely. | ||||
* | * | ||||
@@ -139,6 +139,7 @@ type ( | |||||
// Users | // Users | ||||
SingleUser bool `ini:"single_user"` | SingleUser bool `ini:"single_user"` | ||||
OpenRegistration bool `ini:"open_registration"` | OpenRegistration bool `ini:"open_registration"` | ||||
OpenDeletion bool `ini:"open_deletion"` | |||||
MinUsernameLen int `ini:"min_username_len"` | MinUsernameLen int `ini:"min_username_len"` | ||||
MaxBlogs int `ini:"max_blogs"` | MaxBlogs int `ini:"max_blogs"` | ||||
@@ -76,6 +76,14 @@ select { | |||||
</div> | </div> | ||||
</div> | </div> | ||||
<div class="features row"> | <div class="features row"> | ||||
<div{{if .Config.SingleUser}} class="invisible"{{end}}><label for="open_deletion"> | |||||
Allow account deletion | |||||
<p>Allow all users to delete their account. Admins can always delete users.</p> | |||||
</label></div> | |||||
<div{{if .Config.SingleUser}} class="invisible"{{end}}><input type="checkbox" name="open_deletion" id="open_deletion" {{if .Config.OpenDeletion}}checked="checked"{{end}} /> | |||||
</div> | |||||
</div> | |||||
<div class="features row"> | |||||
<div{{if .Config.SingleUser}} class="invisible"{{end}}><label for="user_invites"> | <div{{if .Config.SingleUser}} class="invisible"{{end}}><label for="user_invites"> | ||||
Allow invitations from... | Allow invitations from... | ||||
<p>Choose who is allowed to invite new people.</p> | <p>Choose who is allowed to invite new people.</p> | ||||
@@ -158,7 +158,7 @@ h3 { font-weight: normal; } | |||||
{{ end }} | {{ end }} | ||||
{{ end }} | {{ end }} | ||||
{{ if not .IsAdmin }} | |||||
{{ if and .OpenDeletion (not .IsAdmin) }} | |||||
<h2>Incinerator</h2> | <h2>Incinerator</h2> | ||||
<div class="alert danger"> | <div class="alert danger"> | ||||
<div class="row"> | <div class="row"> | ||||
@@ -205,7 +205,7 @@ for (var i=0; i<showChecks.length; i++) { | |||||
}); | }); | ||||
} | } | ||||
{{ if not .IsAdmin }} | |||||
{{ if and .OpenDeletion (not .IsAdmin) }} | |||||
H.getEl('cancel-delete').on('click', closeModals); | H.getEl('cancel-delete').on('click', closeModals); | ||||
let $confirmDelBtn = document.getElementById('confirm-delete'); | let $confirmDelBtn = document.getElementById('confirm-delete'); | ||||